Changeset View
Changeset View
Standalone View
Standalone View
sys/kern/kern_procctl.c
Show First 20 Lines • Show All 414 Lines • ▼ Show 20 Lines | |||||
{ | { | ||||
*data = (p->p_flag2 & P2_TRAPCAP) != 0 ? PROC_TRAPCAP_CTL_ENABLE : | *data = (p->p_flag2 & P2_TRAPCAP) != 0 ? PROC_TRAPCAP_CTL_ENABLE : | ||||
PROC_TRAPCAP_CTL_DISABLE; | PROC_TRAPCAP_CTL_DISABLE; | ||||
return (0); | return (0); | ||||
} | } | ||||
static int | static int | ||||
no_new_privs_ctl(struct thread *td, struct proc *p, int state) | |||||
{ | |||||
PROC_LOCK_ASSERT(p, MA_OWNED); | |||||
if (state != PROC_NO_NEW_PRIVS_ENABLE) | |||||
kib: For me, it is too many lines.
```
if (state != PROC_NO_NEW_PRIS_ENABLE)
return (EINVAL);
p… | |||||
return (EINVAL); | |||||
p->p_flag2 |= P2_NO_NEW_PRIVS; | |||||
return (0); | |||||
} | |||||
static int | |||||
no_new_privs_status(struct thread *td, struct proc *p, int *data) | |||||
{ | |||||
*data = (p->p_flag2 & P2_NO_NEW_PRIVS) != 0 ? | |||||
PROC_NO_NEW_PRIVS_ENABLE : PROC_NO_NEW_PRIVS_DISABLE; | |||||
return (0); | |||||
} | |||||
static int | |||||
protmax_ctl(struct thread *td, struct proc *p, int state) | protmax_ctl(struct thread *td, struct proc *p, int state) | ||||
{ | { | ||||
PROC_LOCK_ASSERT(p, MA_OWNED); | PROC_LOCK_ASSERT(p, MA_OWNED); | ||||
switch (state) { | switch (state) { | ||||
case PROC_PROTMAX_FORCE_ENABLE: | case PROC_PROTMAX_FORCE_ENABLE: | ||||
p->p_flag2 &= ~P2_PROTMAX_DISABLE; | p->p_flag2 &= ~P2_PROTMAX_DISABLE; | ||||
p->p_flag2 |= P2_PROTMAX_ENABLE; | p->p_flag2 |= P2_PROTMAX_ENABLE; | ||||
▲ Show 20 Lines • Show All 164 Lines • ▼ Show 20 Lines | sys_procctl(struct thread *td, struct procctl_args *uap) | ||||
switch (uap->com) { | switch (uap->com) { | ||||
case PROC_ASLR_CTL: | case PROC_ASLR_CTL: | ||||
case PROC_PROTMAX_CTL: | case PROC_PROTMAX_CTL: | ||||
case PROC_SPROTECT: | case PROC_SPROTECT: | ||||
case PROC_STACKGAP_CTL: | case PROC_STACKGAP_CTL: | ||||
case PROC_TRACE_CTL: | case PROC_TRACE_CTL: | ||||
case PROC_TRAPCAP_CTL: | case PROC_TRAPCAP_CTL: | ||||
case PROC_NO_NEW_PRIVS_CTL: | |||||
error = copyin(uap->data, &flags, sizeof(flags)); | error = copyin(uap->data, &flags, sizeof(flags)); | ||||
if (error != 0) | if (error != 0) | ||||
return (error); | return (error); | ||||
data = &flags; | data = &flags; | ||||
break; | break; | ||||
case PROC_REAP_ACQUIRE: | case PROC_REAP_ACQUIRE: | ||||
case PROC_REAP_RELEASE: | case PROC_REAP_RELEASE: | ||||
if (uap->data != NULL) | if (uap->data != NULL) | ||||
Show All 15 Lines | if (error != 0) | ||||
return (error); | return (error); | ||||
data = &x.rk; | data = &x.rk; | ||||
break; | break; | ||||
case PROC_ASLR_STATUS: | case PROC_ASLR_STATUS: | ||||
case PROC_PROTMAX_STATUS: | case PROC_PROTMAX_STATUS: | ||||
case PROC_STACKGAP_STATUS: | case PROC_STACKGAP_STATUS: | ||||
case PROC_TRACE_STATUS: | case PROC_TRACE_STATUS: | ||||
case PROC_TRAPCAP_STATUS: | case PROC_TRAPCAP_STATUS: | ||||
case PROC_NO_NEW_PRIVS_STATUS: | |||||
data = &flags; | data = &flags; | ||||
break; | break; | ||||
case PROC_PDEATHSIG_CTL: | case PROC_PDEATHSIG_CTL: | ||||
error = copyin(uap->data, &signum, sizeof(signum)); | error = copyin(uap->data, &signum, sizeof(signum)); | ||||
if (error != 0) | if (error != 0) | ||||
return (error); | return (error); | ||||
data = &signum; | data = &signum; | ||||
break; | break; | ||||
Show All 14 Lines | case PROC_REAP_KILL: | ||||
if (error == 0) | if (error == 0) | ||||
error = error1; | error = error1; | ||||
break; | break; | ||||
case PROC_ASLR_STATUS: | case PROC_ASLR_STATUS: | ||||
case PROC_PROTMAX_STATUS: | case PROC_PROTMAX_STATUS: | ||||
case PROC_STACKGAP_STATUS: | case PROC_STACKGAP_STATUS: | ||||
case PROC_TRACE_STATUS: | case PROC_TRACE_STATUS: | ||||
case PROC_TRAPCAP_STATUS: | case PROC_TRAPCAP_STATUS: | ||||
case PROC_NO_NEW_PRIVS_STATUS: | |||||
if (error == 0) | if (error == 0) | ||||
error = copyout(&flags, uap->data, sizeof(flags)); | error = copyout(&flags, uap->data, sizeof(flags)); | ||||
break; | break; | ||||
case PROC_PDEATHSIG_STATUS: | case PROC_PDEATHSIG_STATUS: | ||||
if (error == 0) | if (error == 0) | ||||
error = copyout(&signum, uap->data, sizeof(signum)); | error = copyout(&signum, uap->data, sizeof(signum)); | ||||
break; | break; | ||||
} | } | ||||
Show All 33 Lines | kern_procctl_single(struct thread *td, struct proc *p, int com, void *data) | ||||
case PROC_TRACE_CTL: | case PROC_TRACE_CTL: | ||||
return (trace_ctl(td, p, *(int *)data)); | return (trace_ctl(td, p, *(int *)data)); | ||||
case PROC_TRACE_STATUS: | case PROC_TRACE_STATUS: | ||||
return (trace_status(td, p, data)); | return (trace_status(td, p, data)); | ||||
case PROC_TRAPCAP_CTL: | case PROC_TRAPCAP_CTL: | ||||
return (trapcap_ctl(td, p, *(int *)data)); | return (trapcap_ctl(td, p, *(int *)data)); | ||||
case PROC_TRAPCAP_STATUS: | case PROC_TRAPCAP_STATUS: | ||||
return (trapcap_status(td, p, data)); | return (trapcap_status(td, p, data)); | ||||
case PROC_NO_NEW_PRIVS_CTL: | |||||
return (no_new_privs_ctl(td, p, *(int *)data)); | |||||
case PROC_NO_NEW_PRIVS_STATUS: | |||||
return (no_new_privs_status(td, p, data)); | |||||
default: | default: | ||||
return (EINVAL); | return (EINVAL); | ||||
} | } | ||||
} | } | ||||
int | int | ||||
kern_procctl(struct thread *td, idtype_t idtype, id_t id, int com, void *data) | kern_procctl(struct thread *td, idtype_t idtype, id_t id, int com, void *data) | ||||
{ | { | ||||
Show All 14 Lines | kern_procctl(struct thread *td, idtype_t idtype, id_t id, int com, void *data) | ||||
case PROC_REAP_GETPIDS: | case PROC_REAP_GETPIDS: | ||||
case PROC_REAP_KILL: | case PROC_REAP_KILL: | ||||
case PROC_STACKGAP_CTL: | case PROC_STACKGAP_CTL: | ||||
case PROC_STACKGAP_STATUS: | case PROC_STACKGAP_STATUS: | ||||
case PROC_TRACE_STATUS: | case PROC_TRACE_STATUS: | ||||
case PROC_TRAPCAP_STATUS: | case PROC_TRAPCAP_STATUS: | ||||
case PROC_PDEATHSIG_CTL: | case PROC_PDEATHSIG_CTL: | ||||
case PROC_PDEATHSIG_STATUS: | case PROC_PDEATHSIG_STATUS: | ||||
case PROC_NO_NEW_PRIVS_CTL: | |||||
case PROC_NO_NEW_PRIVS_STATUS: | |||||
if (idtype != P_PID) | if (idtype != P_PID) | ||||
return (EINVAL); | return (EINVAL); | ||||
} | } | ||||
switch (com) { | switch (com) { | ||||
case PROC_PDEATHSIG_CTL: | case PROC_PDEATHSIG_CTL: | ||||
signum = *(int *)data; | signum = *(int *)data; | ||||
p = td->td_proc; | p = td->td_proc; | ||||
Show All 16 Lines | kern_procctl(struct thread *td, idtype_t idtype, id_t id, int com, void *data) | ||||
switch (com) { | switch (com) { | ||||
case PROC_SPROTECT: | case PROC_SPROTECT: | ||||
case PROC_REAP_STATUS: | case PROC_REAP_STATUS: | ||||
case PROC_REAP_GETPIDS: | case PROC_REAP_GETPIDS: | ||||
case PROC_REAP_KILL: | case PROC_REAP_KILL: | ||||
case PROC_TRACE_CTL: | case PROC_TRACE_CTL: | ||||
case PROC_TRAPCAP_CTL: | case PROC_TRAPCAP_CTL: | ||||
case PROC_NO_NEW_PRIVS_CTL: | |||||
sx_slock(&proctree_lock); | sx_slock(&proctree_lock); | ||||
tree_locked = true; | tree_locked = true; | ||||
break; | break; | ||||
case PROC_REAP_ACQUIRE: | case PROC_REAP_ACQUIRE: | ||||
case PROC_REAP_RELEASE: | case PROC_REAP_RELEASE: | ||||
sx_xlock(&proctree_lock); | sx_xlock(&proctree_lock); | ||||
tree_locked = true; | tree_locked = true; | ||||
break; | break; | ||||
case PROC_ASLR_CTL: | case PROC_ASLR_CTL: | ||||
case PROC_ASLR_STATUS: | case PROC_ASLR_STATUS: | ||||
case PROC_PROTMAX_CTL: | case PROC_PROTMAX_CTL: | ||||
case PROC_PROTMAX_STATUS: | case PROC_PROTMAX_STATUS: | ||||
case PROC_STACKGAP_CTL: | case PROC_STACKGAP_CTL: | ||||
case PROC_STACKGAP_STATUS: | case PROC_STACKGAP_STATUS: | ||||
case PROC_TRACE_STATUS: | case PROC_TRACE_STATUS: | ||||
case PROC_TRAPCAP_STATUS: | case PROC_TRAPCAP_STATUS: | ||||
case PROC_NO_NEW_PRIVS_STATUS: | |||||
tree_locked = false; | tree_locked = false; | ||||
break; | break; | ||||
default: | default: | ||||
return (EINVAL); | return (EINVAL); | ||||
} | } | ||||
switch (idtype) { | switch (idtype) { | ||||
case P_PID: | case P_PID: | ||||
▲ Show 20 Lines • Show All 57 Lines • Show Last 20 Lines |
For me, it is too many lines.